package com.lrl.config;

import com.lrl.service.AdminServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@EnableWebSecurity
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    AdminServiceImpl adminServiceImpl;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        //首页所有人都可以访问，功能也只有对于权限的人访问
        //请求授权的规则
        http.authorizeRequests()
                .antMatchers("/").permitAll()
                .antMatchers("/static/**").permitAll()
                .antMatchers("/admin_test.html").hasRole("admin")
                .antMatchers("/guest_test.html").hasRole("guest");

        //没有权限默认进入登录界面，该登录界面是SpringSecurity自带的login姐界面
//        http.formLogin();

        //自定义登录页面
        http.formLogin()
                .loginPage("/admin/toLogin")//登录请求页面，替换默认springSecurity的页面
                .usernameParameter("account")//获取前台对应的用户名的name值
                .passwordParameter("password")//获取前台传来对于的密码的name值
                .loginProcessingUrl("/login")//登录验证页面，就是虽然你改了自定义前端登录界面，但是进行安全验证的依然是默认的login页面
                .defaultSuccessUrl("/admin/updateLoginTime");//修改默认成功跳转页面，默认index
        //关闭csrf功能，解决存在登出失败404问题
        http.csrf().disable();

        //开启记住密码功能
//        http.rememberMe();
        //自定义接受前端的参数
        http.rememberMe().rememberMeParameter("remember");

        //用户注销，注销完毕回主页
        http.logout().logoutSuccessUrl("/admin/index");
//        http.logout().logoutSuccessUrl("/指定自己的页面");

    }

    @Bean
    UserDetailsService adminDetailsService() {  //注册UserDetailsService 的bean
        return adminServiceImpl;//实现UserDetailsService接口并注册
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.userDetailsService(adminDetailsService()); //进行user Details Service验证
        auth.userDetailsService(adminDetailsService())
                .passwordEncoder(new BCryptPasswordEncoder());//进行user Details Service验证并采用加密
    }

/*    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                .withUser("lrl")
                .password(new BCryptPasswordEncoder().encode("123456"))
                .roles("guest")
                .and()
                .withUser("admin")
                .password(new BCryptPasswordEncoder().encode("123456"))
                .roles("admin", "guest");
    }*/

}
